TrojanSpy:Win32/Banker.RQ is a data-stealing trojan that captures user’s credentials, such as account numbers and passwords. It then relays the captured information to a remote attacker. This trojan may also masquerade as a Portuguese language version of Windows Live Messenger.

PWS:Win32/Fireming.A.dll is the detection for a password-stealing trojan usually installed by other malware. It logs keystrokes and steals user credentials. Some samples may also have backdoor capabilities and act as spam email relays.

Trojan:WinNT/Duqu.B is a variant of WinNT/Duqu, a trojan that could allow unauthorized remote access and control of an affected computer. This trojan component injects payload instructions, detected as Trojan:Win32/Duqu.A, into other processes.

TrojanSpy:JS/Paylap.B is detection for JavaScript within a webpage that can imitate the logon for the financial site PayPal and steal your login details.

Worm:Win32/Phorpiex.M is a worm that spreads via removable drives, fixed drives, and email. It lets a remote attacker gain access and control of your computer.

Trojan:Win32/Tobfy.H is ransomware that displays a full screen image, falsely claiming to be from the authorities. The image contains a message demanding payment in order for you to regain access to your desktop.

Windows Defender detects and removes this threat.

This threat locks your PC and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It pretends to be from the FBI or a national police force and tries to scare you into paying a fine to unlock your PC.

Typically, this threat gets on your PC when you visit a hacked webpage.

You can read more about this type on malware at the Ransom:Win32/Urausy family description or on our ransomware page.

Find out ways that malware can get on your PC.

Win32/Ldpinch is a family of password-stealing trojans. This trojan gathers private user data such as passwords from the host computer and sends the data to the attacker at a preset e-mail address. The Win32/Ldpinch trojans use their own Simple Mail Transfer Protocol (SMTP) engine or a web-based proxy for sending the e-mail, thus copies of the sent e-mail will not appear in the affected user's e-mail client.